views:

1293

answers:

3

I have an application that has a backoffice. This backoffice was isolated with the use of roles like this:

<location path="backoffice">
    <system.web>
     <authorization>
      <allow roles="admin"/>
      <deny users="*"/>
     </authorization>
    </system.web>
</location>

But now we have another type of role that needs access. The companyadmin role.

Can I just say?:

 <location path="backoffice">
        <system.web>
         <authorization>
          <allow roles="admin,companyadmin"/>
          <deny users="*"/>
         </authorization>
        </system.web>
    </location>
A: 

yes, you can add n roles like that.

If you prefer, you can also:

<allow roles="admin"/>
<allow roles="admin1"/>
<deny users="*"/>
eglasius
what the hell is going on with that grammar?
GoodEnough
+3  A: 

Yes, exactly so (assuming you properly authenticated your users, and set their roles accordingly). Check the MSDN article: http://msdn.microsoft.com/en-us/library/8d82143t(VS.71).aspx

AviD
+1  A: 

Yes, roles, users and verbs takes comma separated values.

MSDN Reference

Canavar